I'm signing an app using an Apple Enterprise certificate and an in-house provisioning profile. I've added the IPA, along with the manifest.plist, to an HTTPS page and I can install the icon at least, with the itms-services://?action=download-manifest&url= link. If I view the device with the Apple Configurator app I can verify the provisioning profile was installed on the device.
BUT: when I try to open the app I don't get the expected message Untrusted Enterprise Developer and I don't see the option to trust the profile in Settings > General > Device Management. Instead I get a message This app cannot be installed because its integrity could not be verified. I see the same message in console logs as well as "A valid provisioning profile for this executable was not found".
This is a MAUI app but I'm getting the same problem if I create an app in Xamarin with the same app id. HOWEVER: if I create an app with the same app id in Xcode it works fine. All three are using the same manifest.plist, app id, version, build number, etc.
It's got to be a certificate issue, right? But I've checked a million times to make sure dotnet publish is using the correct cert. I've un-zipped the IPA after it's built and verified the correct provisioning profile was added. I've re-signed with Xcode and tried using that IPA. I'm not sure what else to try and I don't know why it works with an Xcode project but not Xamarin / MAUI.
Anyone have any ideas?
After much trial and error I was able to solve this by building using the command line only and not putting any of the Codesign information in a PropertyGroup in the .csproj. According to the documentation this shouldn't be necessary but it's working for me now.
My full build command is:
dotnet publish -f:net7.0-ios -c:Release /p:RuntimeIdentifier=ios-arm64 /p:ArchiveOnBuild=true /p:CodeSignProvision="your provisioning profile name" /p:CodesignKey="Your distribution certificate name”